Virtual Currency Kingpin Pleads Guilty

The founder and operator of a notorious virtual currency system that was reportedly beloved by cybercriminals has pleaded guilty in Manhattan federal court to laundering $250 million in criminal proceeds. To date, five men have now pleaded guilty to related charges in U.S. federal court.

Arthur Budovsky, 42, created and ran Liberty Reserve, a Costa Rica-based virtual currency system that was founded in 2006 before being forcibly shuttered by the U.S. Department of Justice in May 2013. At that time, authorities said the site had laundered $6 billion in ill-gotten gains (see Feds Shutter Business Tied to Cyberheist).

Now, as part of a plea agreement, Budovsky on Jan. 29 pleaded guilty before U.S. District Judge Denise L. Cote to one count of conspiring to commit money laundering. Budovsky, who is scheduled to be sentenced on May 6, faces up to 20 years in prison.

"Arthur Budovsky founded and operated Liberty Reserve, an underworld cyber-banking system that laundered hundreds of millions of dollars in illicit proceeds for criminals around the world," Manhattan U.S. Attorney Preet Bharara says in a statement. "The only liberty that Budovsky and Liberty Reserve promoted was the freedom to commit and profit from crime."

The Justice Department says the U.S. government worked with law enforcement agencies in 17 other countries to shut down Liberty Reserve, seize related websites and bank accounts as well as launch civil actions against 35 associated "exchanger websites" that operated from countries that lacked strong money oversight or regulation laws, such as Malaysia, Nigeria, Russia and Vietnam. Using these exchangers enabled Liberty Reserve "to avoid collecting any information about its users through banking transactions or other activity that would leave a centralized financial paper trail," according to U.S. prosecutors.

When Liberty Reserve was shut down, prosecutors say it had more than 5 million accounts - including 600,000 tied to U.S. users - and that it had processed tens of millions of transactions, some of which were tied to hack attacks, identity theft campaigns as well as investment fraud and credit card fraud.

As part of his plea agreement, Budovsky has admitted to laundering more than $250 million in criminal proceeds while he operated Liberty Reserve, the Justice Department says. Of course, that's a notable drop from the $6 billion that authorities alleged in a May 2013 indictment that the virtual currency system had laundered. A spokeswoman for the U.S. District Court for the Southern District of New York wasn't immediately able to comment on that difference.

Life After E-Gold

This isn't the first time that Budovsky has been convicted of a crime relating to moving money. After founding a digital currency exchange service called GoldAge in 1999 that was registered in Panama, in 2006, following a six-month sting operation, he was convicted in New York county court of operating it as an unlicensed money transmitting business.

Budovsky was sentenced to five years in prison, although that was reduced to five years of probation. Meanwhile, U.S. prosecutors said Budovsky emigrated to Costa Rica, renouncing his U.S. citizenship in 2011, after the government launched its Liberty Reserve investigation. Prosecutors said Budovsky told U.S. immigration authorities that he was concerned that the "software" his "company" was developing "might open him up to liability in the U.S."

According to court documents, Budovsky designed Liberty Reserve based on the challenges faced by the E-Gold digital currency service. In 2007, authorities charged E-Gold's operators with money laundering and running an unlicensed money-transmitting business, and founder Douglas Jackson pleaded guilty in 2008 to those charges. "Budovsky set about building a digital currency that would succeed in eluding law enforcement where E-Gold had failed, by, among other ways, locating the business outside the United States," according to prosecutors.

Five Guilty Pleas

But Budovsky's virtual currency system experiment failed. After he was indicted by a federal grand jury in New York, Budovsky - then a resident of the Netherlands - was arrested on May 24, 2013, by Spanish authorities, and extradited to the United States in October 2013 (see Alleged Money Launderer Extradited).

Also arrested on May 24, 2013, were four of Budovsky's co-conspirators: Liberty Reserve co-founder Vladimir Kats, arrested in Brooklyn, New York; Azzeddine El Amine, a Liberty Reserve manager, arrested in Spain; and Mark Marmilev and Maxim Chukharev, who both designed and managed Liberty Reserve's IT infrastructure and were respectively arrested in Brooklyn and in Costa Rica.

At the time, prosecutors said two other defendants - Ahmed Yassine Abdelghani, a.k.a. "Yassine," and Allan Esteban Hidalgo Jimenez, a.k.a. "Hidalgo," remained at large in Costa Rica.

Both el Amine and Chukharev were extradited to the United States. Since then, all four of the arrested men have pleaded guilty to related charges. Marmilev has been sentenced to five years in prison, Chukharev to three years, while Kats and el Amine are still awaiting sentencing before Judge Cote.

Prosecutors say Jimenez and Abdelghani remain at large.

Investigators Follow the Money

In the wake of the Liberty Reserve shutdown, many security experts predicted that government investigators would continue to "follow the money" whenever possible for anyone who had been using the site to further any criminal pursuits.

In 2011, for example, the U.S. government indicted alleged Russian hacker Roman Valerevich Seleznev, a.k.a. "Track2," on 40 charges relating to the alleged theft and sale of at least 2 million credit card numbers. The Justice Department has since said that part of its evidence against Seleznev relates to his alleged Liberty Reserve account. "Among the Liberty Reserve accounts maintained by [Seleznev] were two accounts that received over $17.8 million U.S. dollars in payments for the sales of stolen credit card data," according to court documents.

Seleznev was detained at an airport in Maldives in 2014, after which he was flown by U.S. Secret Service agents to the U.S. territory of Guam, in what the Russian government has called a kidnapping, according to the Russian Foreign Ministry . Seleznev has pleaded not guilty to related charges (see Free Defense for Alleged $18M Hacker?).

About the Author

Schwartz is an award-winning journalist with two decades of experience in magazines, newspapers and electronic media. He has covered the information security and privacy sector throughout his career. Before joining Information Security Media Group in 2014, where he now serves as the Executive Editor, DataBreachToday and for European news coverage, Schwartz was the information security beat reporter for InformationWeek and a frequent contributor to DarkReading, amongst other publications. He lives in Scotland.

Operation Success!

Risk Management Framework: Learn from NIST

From heightened risks to increased regulations, senior leaders at all levels are pressured to
improve their organizations' risk management capabilities. But no one is showing them how -
until now.

Learn the fundamentals of developing a risk management program from the man who wrote the book
on the topic: Ron Ross, computer scientist for the National Institute of Standards and
Technology. In an exclusive presentation, Ross, lead author of NIST Special Publication 800-37
- the bible of risk assessment and management - will share his unique insights on how to:

Understand the current cyber threats to all public and private sector organizations;

Develop a multi-tiered risk management approach built upon governance, processes and
information systems;